Introduction to the Compliance Module
Quick introduction to the module key capabilities
Compliance modules in eramba are used to explain to people how compliant your organization is with any type of regulatory or contractual requirement.
The process starts by uploading free and open format (CSV based) compliance packages (PCI, ISO, NIST, SOC2, SOX, Etc) provided by us or made by you and link them with other modules in eramba such as Internal Controls, Policies, Exceptions, Risks, Projects, Etc in order to explain people how you complain with them.
This allows you to explain how your organization decided to deal with a requirement, when an auditor asks how you meet requirement 1.1.6 from PCI you simply need to look at the related items. If the auditor needs more details a shortcut provides you direct access to the related items.
Since every module has status of their own you can tell how they are performing (Risks have reviews, Policies have reviews, Controls have Audits, Etc) and that is how you can tell, not just what solution you have for each compliance requirement, but also if those solutions are working or not. That is reflected in the status column, your compliance requirements inherit the status of your solutions making it pretty clear to know when something is ok or not.
This well proven approach will immediately tell through different charts how well your organization is against any set of requirements and how that evolved over time. Collecting reviews, audits, etc using eramba’s built in notifications will ensure you have evidence ready for your auditors to review (and when you do not have the evidence as well!). You no longer need to review your compliance a month or two before the audit, eramba built in audits help you be compliant throughout the year.
You can upload mappings in between compliance packages if you wish, eramba will automatically copy whatever treatment you have on the destination mappings.
Once you complete your audits, any finding can be tracked down in eramba along its responsible teams and deadlines and affected compliance requirements. As any module in eramba, you can use filters, reports and notifications to collect status from teams across your organization and help you never miss a deadline.
Playlist
- Episode 1Introduction to the Compliance Module16 mins left
- Episode 2Problem vs. Solution Principle14 mins left
- Episode 3Access Management & User Interface1 min left
- Episode 4Compliance Package Database2 mins left
- Episode 5Uploading Compliance Packages4 mins left
- Episode 6Mapping Compliance Packages4 mins left
- Episode 7Compliance Management Related Modules0 mins left
- Episode 8Configuring Compliance Analysis Module1 min left
- Episode 9Mapping Solutions to Compliance Requirements24 mins left
- Episode 10Typical Filters: Compliance Analysis Module5 mins left
- Episode 11Typical Dynamic Statuses: Compliance Analysis Module6 mins left
- Episode 12Typical Reports: Compliance Analysis Module1 min left
- Episode 13Compliance Management Implementation Guidance3 mins left